package org.example.config;


import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.filter.mgt.DefaultFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.ServletContainerSessionManager;
import org.example.service.UserService;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * 描述：
 *
 * @author caojing
 * @create 2019-01-27-13:38
 */
@Configuration
public class ShiroConfig {

//    @Bean(name = "shiroFilter")
//    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
//        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//        shiroFilterFactoryBean.setSecurityManager(securityManager);
//        shiroFilterFactoryBean.setLoginUrl("/login");
//        shiroFilterFactoryBean.setUnauthorizedUrl("/notRole");
//        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
//        // <!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->
//        filterChainDefinitionMap.put("/webjars/**", "anon");
//        filterChainDefinitionMap.put("/login", "anon");
//        filterChainDefinitionMap.put("/", "anon");
//        filterChainDefinitionMap.put("/front/**", "anon");
//        filterChainDefinitionMap.put("/api/**", "anon");
//        filterChainDefinitionMap.put("/book/**", "anon");
//
//        filterChainDefinitionMap.put("/v2/**", "anon");
//        filterChainDefinitionMap.put("/swagger/**", "anon");
//        filterChainDefinitionMap.put("/swagger-ui.html", "anon");
//        filterChainDefinitionMap.put("/swagger-resources/**", "anon");
//
//        filterChainDefinitionMap.put("/admin/**", "authc");
//        filterChainDefinitionMap.put("/user/**", "authc");
//        //主要这行代码必须放在所有权限设置的最后，不然会导致所有 url 都被拦截 剩余的都需要认证
//        filterChainDefinitionMap.put("/**", "authc");
//        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
//        return shiroFilterFactoryBean;
//
//    }

    @Bean
    ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition filterChainDefinition = new DefaultShiroFilterChainDefinition();

        filterChainDefinition.addPathDefinition("/static/index.html",  DefaultFilter.authc.name());
        filterChainDefinition.addPathDefinition("/app/**", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/login/**", DefaultFilter.anon.name());

        //
        filterChainDefinition.addPathDefinition("/book/**", DefaultFilter.anon.name());

        filterChainDefinition.addPathDefinition("/v2/**", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/swagger/**", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/swagger-ui.html", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/swagger-resources/**", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/webjars/**", DefaultFilter.anon.name());

        filterChainDefinition.addPathDefinition("/cpt/**", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/bh-common/**", DefaultFilter.anon.name());
        filterChainDefinition.addPathDefinition("/cs/user/**", DefaultFilter.anon.name());

        filterChainDefinition.addPathDefinition("/**", DefaultFilter.authc.name());

        return filterChainDefinition;
    }

//    @Bean
//    public SecurityManager securityManager() {
//        DefaultWebSecurityManager defaultSecurityManager = new DefaultWebSecurityManager();
//        defaultSecurityManager.setRealm(customRealm());
//        return defaultSecurityManager;
//    }
@Bean
ServletContainerSessionManager sessionManager() {
    return new ServletContainerSessionManager();
}
//    @Bean
//    public CustomRealm customRealm() {
//        CustomRealm customRealm = new CustomRealm();
//        return customRealm;
//    }

    @Bean
    Realm realm(UserService loginUserService) {
        return new CustomRealm(loginUserService);
    }
}

